mirrors
/
msma
mirror of https://github.com/riverar/messageanalyzer-archive.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
msma/feed/Assets/Message_Analyzer/Pre-encryption for LDAPS.asset

121 lines
4.8 KiB
Plaintext
Raw Permalink Blame History

<?xml version="1.0" encoding="utf-8"?>
<AssetCollection xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Metadata>
<UniqueId>6f730ceb-0876-4722-827b-154a55650489</UniqueId>
<GroupId>6f730ceb-0876-4722-827b-154a55650489</GroupId>
<Name>Pre-encryption for LDAPS</Name>
<AssetType>TraceScenarioAsset</AssetType>
<VersionNumber>1</VersionNumber>
<Author>Microsoft</Author>
<Corporation>Microsoft</Corporation>
<PublishedDate>2016-01-18T12:00:00</PublishedDate>
<ModifiedDate>2016-01-18T12:00:00</ModifiedDate>
<Revision>1</Revision>
<Description>Capture LDAP messages prior to SASL-encryption for analysis of unencrypted LDAP traffic. Important: To ensure capture of unencrypted LDAP messages, follow step 1 in KB article 2221529 to specify a registry setting for each process monitored.</Description>
<Tags />
<Rating>0</Rating>
</Metadata>
<Assets>
<Asset>
<Metadata>
<UniqueId>704db043-1b57-4c24-bbe8-6c844656f867</UniqueId>
<Name>SASL LDAP pre-encryption with WFP</Name>
<Category>Network</Category>
<Properties />
</Metadata>
<Content
xsi:type="TraceScenarioAsset">
<Providers>
<EtwProvider>
<Id>099614a5-5dd7-4788-8bc9-e29f43db28fc</Id>
<IsEnabled>true</IsEnabled>
<Settings>
<MajorVersion>0</MajorVersion>
<MinorVersion>0</MinorVersion>
<__Id>099614a5-5dd7-4788-8bc9-e29f43db28fc</__Id>
<TimeOut>0</TimeOut>
<Level>Verbose</Level>
<KeywordToMask>true</KeywordToMask>
<MatchAnyKeyword>442085283</MatchAnyKeyword>
<MatchAllKeyword>0</MatchAllKeyword>
</Settings>
</EtwProvider>
<EtwProvider>
<Id>c22d1b14-c242-49de-9f17-1d76b8b9c458</Id>
<IsEnabled>true</IsEnabled>
<Settings
xsi:type="EtwMessageSourcePluginSettingsWfpCapture">
<MajorVersion>0</MajorVersion>
<MinorVersion>0</MinorVersion>
<__Id>c22d1b14-c242-49de-9f17-1d76b8b9c458</__Id>
<TimeOut>0</TimeOut>
<Level>Information</Level>
<KeywordToMask>true</KeywordToMask>
<MatchAnyKeyword>0</MatchAnyKeyword>
<MatchAllKeyword>0</MatchAllKeyword>
<fastFilters>
<PefWfpFastFilter>
<Type>None</Type>
<FilterString />
</PefWfpFastFilter>
<PefWfpFastFilter>
<Type>None</Type>
<FilterString />
</PefWfpFastFilter>
<PefWfpFastFilter>
<Type>None</Type>
<FilterString />
</PefWfpFastFilter>
<PefWfpFastFilter>
<Type>None</Type>
<FilterString />
</PefWfpFastFilter>
</fastFilters>
<LayerSets>
<PefWfpLayer>
<LayerIndex>LAYER_INBOUND_TRANSPORT_V4</LayerIndex>
<Name>INBOUND_TRANSPORT_V4</Name>
<AdminEnabled>true</AdminEnabled>
<Selected>true</Selected>
</PefWfpLayer>
<PefWfpLayer>
<LayerIndex>LAYER_OUTBOUND_TRANSPORT_V4</LayerIndex>
<Name>OUTBOUND_TRANSPORT_V4</Name>
<AdminEnabled>true</AdminEnabled>
<Selected>true</Selected>
</PefWfpLayer>
<PefWfpLayer>
<LayerIndex>LAYER_INBOUND_TRANSPORT_V6</LayerIndex>
<Name>INBOUND_TRANSPORT_V6</Name>
<AdminEnabled>true</AdminEnabled>
<Selected>true</Selected>
</PefWfpLayer>
<PefWfpLayer>
<LayerIndex>LAYER_OUTBOUND_TRANSPORT_V6</LayerIndex>
<Name>OUTBOUND_TRANSPORT_V6</Name>
<AdminEnabled>true</AdminEnabled>
<Selected>true</Selected>
</PefWfpLayer>
</LayerSets>
<EnableDiscardEvents>false</EnableDiscardEvents>
</Settings>
</EtwProvider>
</Providers>
<SessionSettings>
<MajorVersion>0</MajorVersion>
<MinorVersion>0</MinorVersion>
<ClockMode>QPC</ClockMode>
<BufferSizeKB>256</BufferSizeKB>
<MinBufferCount>4</MinBufferCount>
<MaxBufferCount>16</MaxBufferCount>
<FlushTimerInSec>1</FlushTimerInSec>
<LogFileMode>256</LogFileMode>
</SessionSettings>
<CaptureFilter />
<VisualizerId>00000000-0000-0000-0000-000000000000</VisualizerId>
</Content>
<Properties />
</Asset>
</Assets>
<Properties />
</AssetCollection>
Reference in New Issue View Git Blame Copy Permalink